Sunday, May 20, 2007

Secunia Software Inspector Report

Via Brian Krebs, I see that Secunia has issued a report on the Software Inspector they introduced six months ago. The object of the Software Inspector is to scan the computer not only for Microsoft updates, but also to find out what other software is out of date. Read Brian's post for his thoughts about the browser comparisons.

I am not as concerned with the browsers, since those numbers are not too bad. There is more awareness of browser security than other applications. Firefox has a built in update feature. Even people who don't have Microsoft updates automatically installed on their computer are likely to be aware of "Patch Tuesday". This explains why Secunia reports that the patch level for Microsoft products are relatively high.

It is other applications where I have a concern, particularly when Secunia reports
"But looking at media players such as Quicktime and WinAMP, then the figures are more worrying, as 26.96% of all WinAMP 5 installations miss important security updates and 33,14% of all Quicktime 7 installations are outdated."

{Snip}

"This constitutes a significant problem because many of those applications, like WinAMP and Quicktime, are readily used whenever users encounter media files of various kinds. Most people wouldn't hesitate to open an .mpg, .jpg, .mov, or .mp3 file from any source if it seems the least bit interesting and relevant. It's easy to embed a movie in your homepage, for example, and all it takes is one unpatched Quicktime vulnerability and a provocative video title to compromise a lot of visitors."
Consider the effect of 33.14% of Quicktime 7 outdated in conjunction with the report by Joris Evers, Cybercrooks add QuickTime, WinZip flaws to arsenal providing a warning by Symantec that security holes in QuickTime and WinZip are being exploited by sites appearing to be trusted financial institutions. Instead, they are using the vulnerabilities to attempt to silently install keystroke-logging software.
"Symantec discovered the attacks when one of the PCs that it uses as bait was breached earlier this week.

"This compromise was especially interesting, because the site made use of a QuickTime vulnerability discovered in January 2007 and a WinZip vulnerability discovered in November 2006," Symantec said. "Before our analysis, it was not known that these issues were being exploited in the wild."

QuickTime is Apple's widely used media player software, WinZip is a popular tool for compressing and decompressing files."

What can you do to avoid such exploits? First, of course, make sure you use the phishing filter in your browser. Visit Microsoft Updates to ensure you have all the latest security updates. Then, head on over to Secunia to check for other out of date software on your computer. There is a link is on the left side-bar. Go ahead, check it out.

No comments: